Data Protection Notice

We respect your trust in us to use, store and share your information. In this notice, we explain how we collect personal information about you, how we use it and how you can interact with us about it.

We try to keep this notice as simple as possible but if you are unfamiliar with our terms, or want more detail on any of the information here, please see our website’s Frequently Asked Questions at www.ebs.ie/dataprotection. You can also contact us directly for more information.

When we talk about “us” or “we” in this notice, we are talking about EBS d.a.c. which is a wholly owned subsidiary of Allied Irish Banks, p.l.c. 

We share your information with Allied Irish Banks p.l.c and its subsidiaries, affiliates and their respective parent and subsidiary companies to help us provide our services, comply with regulatory and legal requirements, and improve our products.

Our Data Protection Officer oversees how we collect, use, share and protect your information to ensure your rights are fulfilled. You can contact our Data Protection Officer at DPO@aib.ie or by writing to them at: Data Protection Officer, 10 Molesworth Street, Dublin 2, D02 R126.

We collect personal information from you, for example when you open an account; make a deposit; apply for products and services; use your credit or debit card; complete transactions; or look for advice. We also collect information through our website, apps, social media, discussion forums, market research and our CCTV footage. We will sometimes record phone conversations and
we will always let you know when we do this. 

We may collect information to identify you through voice, facial or fingerprint (biometric data) recognition technology. We always ask for your consent to do this.

Our websites use ‘cookie’ technology. A cookie is a little piece of text that our server places on your device when you visit any of our websites or apps. They help us make the sites work better for you.

When you apply to us for products and services, and during the time you use these, we carry out information searches and verify your identity. We do this by sending and receiving information about you to and from third parties including credit reference agencies, and/or credit registers including the Central Credit Register and Irish Credit Bureau. We and these agencies/registers may
keep records of our searches whether or not the product or service goes ahead.

We protect your information with security measures under the laws that apply and we meet international standards. We keep our computers, files and buildings secure. When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information.

To meet our legal and regulatory obligations, we hold your information while you are a customer and for a period of time after that. We do not hold it for longer than necessary.

To use your information lawfully, we rely on one or more of the following legal bases:

• performance of a contract;
• legal obligation;
• protecting the vital interests of you or others;
• public interest;
• our legitimate interests; and
• your consent.

To meet our regulatory and legal obligations, we collect some of your personal information, verify it, keep it up to date through regular checks, and delete it once we no longer have to keep it. We may also gather information about you from third parties to help us meet our obligations. If you do not provide the information we need, or help us keep it up to date, we may not be able to provide you with our products and services.

Sometimes we need your consent to use your personal information. With direct marketing for example, we need your consent to make you aware of products and services which may be of interest to you. We may do this by phone, post, email, text or through other digital media.

You can decide how much direct marketing you want to accept when you apply for new products and services. If we ever contact you to get your feedback on ways to improve our products and services, you have the choice to opt out.

When we use sensitive personal information about you, such as medical or biometric data, we ask for your consent. Before you give your consent, we tell you what information we collect and what we use it for. You can remove your consent at any time by contacting us.

We use information about you to:

• provide relevant products and services;
• identify ways we can improve our products and services;
• maintain and monitor your products and services;
• protect both our interests;
• meet our legal and regulatory obligations; and
• decide and recommend how our products and services might be suitable for you.

To provide our products and services under the terms and conditions we agree between us, we need to collect and use personal information about you. If you do not provide this personal information, we may not be able to provide you with our products and services.

We analyse the information that we collect on you through your use of our products and services and on our social media, apps and websites. This helps us understand your financial behaviour, how we interact with you and our position in a market place. Examples of how we use this information includes helping protect you and others from financial crime, offering you products and services and personalising your experience.

We may report trends we see to third parties. These trend reports may include information about activity on devices, for example mobile phones, ATMs and self-service kiosks, or card spend in particular regions or industries. When we prepare these reports, we group customers’ information and remove any names. We do not share information in these reports that can identify you as a customer, such as your name, or account details.

We sometimes use technology to help us make decisions automatically. For example, when you apply for a loan online. Before we make a decision, we automatically score the information you give us, any information we already hold about you, and any information we may get from other sources.

Sometimes we share your information with third parties.

For example to:

• provide products, services and information;
• analyse information;
• research your experiences dealing with us;
• collect debts;
• sell your debts;
• sell whole or part of our business;
• prevent financial crime;
• help trace, investigate and recover funds on your behalf;
• trace information; and
• protect both our interests.

We expect these third parties to have the same levels of information protection that we have.

We also have to share information with third parties to meet any applicable law, regulation or lawful request. When we believe we have been given false or misleading information, or we suspect criminal activity we must record this and tell law enforcement agencies, which may be either in or outside Ireland.

We may transfer your personal information outside of the European Economic Area (EEA) to help us provide your products and services. We expect the same standard of data protection is applied outside of the EEA to these transfers and the use of the information, to ensure your rights are protected.

You will find information about your rights, when they apply and our responsibility to you on our website’s Frequently Asked Questions section. 

You can exercise your rights by contacting us directly by calling, using our social media channels, calling into a EBS Network Office, or by visiting our website at www.ebs.ie/dataprotection. 

We can help you with:

Accessing your personal information:You can ask us for a copy of the personal information we hold. You can ask us about how we collect, share and use your personal information.

Updating and correcting your personal details.

Removing consent: You can change your mind wherever you give us your consent, such as for direct marketing, or using your sensitive information, such as medical or biometric data.

Restricting and objecting: You may have the right to restrict or object to us using your personal information or using automated decision making.

Deleting your information (your right to be forgotten). You may ask us to delete your personal information.

Moving your information (your right to Portability). Where possible we can share a digital copy of your information directly with you or another organisation.

When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information.

We generally do not charge you when you contact us to ask about your information.

If you have a complaint about the use of your personal information, please let a member of staff in your local EBS Network Office (or service outlet) know, giving them the opportunity to put things right as quickly as possible. 

If you wish to make a complaint you may do so in person, by telephone, in writing and by email. Please be assured that all complaints received will be fully investigated. You can register a complaint through our contact centre, your local EBS Network Offices, our Website, by phone, by email or in person at your local EBS Network Office.

We ask that you supply as much information as possible to help our staff resolve your complaint quickly.

You can also contact the Data Protection Commission in Ireland at www.dataprotection.ie.

We will make changes to this notice from time to time, particularly when we change how we use your information, and change our technology and products.

You can always find an up-to-date version of this notice on our website at www.ebs.ie/dataprotection. You will also find a copy on display at your local branch or you can ask us for a copy.

This notice was updated as of 1st April 2022.